United States Patent and Trademark Office 




MENT OF COMMERCE 
rademark Office 
OR PATENTS 



22313-1450 



APPLICATION NO. 


FILING DATE 


FIRST NAMED INVENTOR 


ATTORNEY DOCKET NO. 


CONFIRMATION NO. 


10/003,719 


10/30/2001 


David Justin Ross 


29094/14:2 


2644 



7590 11/02/2006 

Christopher V. Panoff 
STOEL RIVES LLP 
900 SW Fifth Avenue, Suite 2600 
Portland, OR 97204-1268 



EXAMINER 



ZIA, SYED 



ART UNIT 



PAPER NUMBER 



2131 

DATE MAILED: 11/02/2006 



Please find below and/or attached an Office communication concerning this application or proceeding. 



PTO-90C (Rev. 10/03) 



Office Action Summary . 


Application No. 

10/003,719 


Applicant(s) 

ROSS, DAVID JUSTIN 


Examiner 

Syed Zia 


Art Unit 

2131 





- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 
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2a)H This action is FINAL. 2b)D This action is non-final. 
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10)D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
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DETAILED ACTION 

This office action is in response to application filed on August 09, 2006. Original 
application contained Claims 1-5. Applicant currently amended Claim 1, and added new Claims 
6-15. Therefore, Claims 1-15 are pending for further consideration. 

Response to Arguments 
Applicant's arguments filed on August 09, 2006 have been fully considered but they are 
not persuasive because of the following reasons: 

Regarding Claims 1-15 applicants argued that the system of cited prior arts [Walker et al. U. S. 
Patent 5,884,270] discloses how to use the release of confidential or sensitive information as a 
method for establishing anonymous communications. It can run employer search criteria against 
the "party database" to find suitable candidates for employment. See Walker Fig. 2B. Walker can 
list data that "has been verified" (See Fig. 2C), but it does not teach "how to effectively verify or 
authenticate a subject's identity as in the present invention ". Applicant also argued that cited 
prior art does not teach, "all parties to the system can manage and control the release of any or 
all information about themselves or their identities". 

This is not found persuasive. The system of cited prior art does teach and describe a controlled 
release of information in communication system that has database holding data on parties 
including definition of when and what information can be released to other parties. The method 
involves securely maintaining party data corresponding to at least one party, in the system. 
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When a request is received from a requestor, for party data that are securely maintained in the 
system. Each party is queried to specify which respective party data the system is authorized to 
release to a requestor. Only the requested party data that the respective parties have authorized is 
transmitted to the requestor, while the anonymity of the respective parties is securely maintained. 
Preferably party data about at least one party is maintained in a database. Therefore, this system 
allows user to exercise control over information release to others, and anonymous 
communications. 

As a result, cited prior art does implement and teaches a system for remote user 
authentication employing information stored in multiple, independently controlled databases. 

Applicants still have failed to explicitly identify specific claim limitations, which would 
define a patentable distinction over prior arts. 

The examiner is not trying to teach the invention but is merely trying to interpret the claim 
language in its broadest and reasonable meaning. The examiner will not interpret to read 
narrowly the claim language to read exactly from the specification, but will interpret the claim 
language in the broadest reasonable interpretation in view of the specification. Therefore, the 
examiner asserts that cited prior art does teach or suggest the subject matter broadly recited in 
independent and subsequent dependent claims. Accordingly, rejections for Claims 1-16 are 
respectfully maintained. 



Claim Rejections - 35 USC § 102 



Application/Control Number: 10/003,719 
Art Unit: 2131 



Page 4 



The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country of in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

Claims 1-15 are rejected under 35 U.S.C. 102(b) as being anticipated by Walker et al. (U. S. 
Patent 5,884,270). 

1. Regarding Claim 1 Walker et al. teach and describe an user authentication system (Figl- 

2, abstract) comprising: a 

an authentication client for requesting authentication of a subject (col.7 line 33 to line 
52,and col. 15 line 26 to line 50); 

a user interface to receive the authentication request from the authentication client (col.9 
line 35 to line 42); 

multiple independently operated databases, each database storing information associated 
with the subject, the associated information being accessible through predefined queries 
to identify the subject (Fig.2A, col.7 line 53 to line 62,and col. 15 line 56 to line 67); 

and a verification engine for facilitating authentication of the subject by receiving the 
authentication request, selecting one or more of the predefined queries, presenting the one or 
more selected queries to the subject via the authenticating client, receiving from the subject an 
answer to each of the one or more selected queries, and presenting the answer to the multiple 
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independently operated databases for a validation response (col.8 line 7 to col.9 line 5, and 
col. 16 line to line 20). 



2. Regarding Claim 4 Walker et al. teach and describe an authentication system (Figl-2, 
abstract) comprising: 

an authentication client for desiring authentication of an authentication subject (col.7 line 
33 to line 52,and col. 15 line 26 to line 50); 

a plurality of independent database systems storing information identifying the 
authentication subject, the identifying information being accessible through predefined queries 
(Fig.2A, col.7 line 53 to line 62,and col. 15 line 56 to line 67); 

and a verification engine to receive from the authentication subject, via the authentication 
client, an answer to each of the predefined queries, to obtain from each of the plurality of 
independent database systems a corresponding authentication confidence for each answer, and 
to combine the corresponding authentication confidence for each answer into a combined 
authentication confidence (col.8 line 7 to col.9 line 5, and col. 16 line to line 20). 

3. Regarding Claim 5 Walker teach and describe user authorization method (Figl-2, 
abstract) comprising the steps of: 

presenting to an authentication subject one or more predefined queries from each of 
multiple independent databases of identifying information (col.9 line 35 to line 42); receiving 
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from the authentication subject an answer to each of the selected queries (Fig.2A, col.7 line 53 
to line 62,and col. 15 line 56 to line 67); 

presenting each answer to at least one of the multiple independent databases that has 
corresponding identifying information; obtaining from the multiple independent databases an 
authentication confidence level for each answer; and combining the authentication confidence 
level for each answer into a combined confidence level for authenticating the authentication 
subject (Fig.2A, col.7 line 53 to line 62,and, and coj.8 line 7 to col.9 line 5, col. 15 line 56 to line 
67, and col. 16 line to line 20). 

4. Regarding Claim 6 Walker teach and describe method of authenticating the putative 
identity of a subject who is an individual, the method comprising the steps of: providing a 
database interface for interacting with an independent, remote, third-party database without 
storing any significant portion of the third-party database locally, and wherein the interaction is 
limited to submitting a query among a predetermined set of permitted types of queries, and 
receiving from the third-party database a response to the permitted query; receiving identifying 
information associated with the subject to authenticate his identity, the received identifying 
information including at least one item of information sufficient to form one of the permitted 
types of queries; forming a permitted type of query based on the received identifying 
information; transmitting the formed query to the remote, third-party database; and receiving a 
response from the remote, third-party database wherein the database interface does not 
otherwise provide access to the remote, third-party database, so that privacy of the remote, 
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third-party database content remains under control of its owner (Fig.2A , col.7 line 33 to col.9 
line 35 and, col. 15 line 26 to, col. 16 line 20 to line 42). 



4. Claims 2-3, and 7-15 are rejected applied as above rejecting Claim 1. Furthermore, 
Walker teach and describe a system a method wherein: 

As per Claim 2 the associated information in the multiple independently operated 
databases includes out-of-wallet data identifying the subject (col.8 line 51 to col.9 line 5). 

As per Claim 3 further comprising a personal information database coupled to the 
verification engine, the personal information database containing in-wallet data identifying the 
subject (col. 16 line 45 to col. 17 line 5). 

As per Claim 7, said permitted types of queries are defined in advance by agreement with 
an owner of the independent, remote, third-party database (col.7 line 8 to line 22). 

As per Claim 8, said receiving the identifying information associated with the subject 
transpires in a live interaction with the subject in person (col.7 line 53 to line 62). 

As per Claim 9, receiving the identifying information associated with the subject is 
through a computer network (Fig. 2 A). 

As per Claim 10, receiving the identifying information associated with the subject via the 
Internet (Fig. 1-2). 

As per Claim 1 1, the database interface enables interaction with multiple independent, 
remote, third-party databases without storing any significant portion of any of said databases 
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locally, so that privacy of the remote, third-party database contents remain under control of their 
respective owners (col.7 line 63 to col.8 line 19). 

As per Claim 12, receiving responses from a plurality of the remote, third-party databases 
and assembling the responses from the multiple databases to form a result (col.7 line 63 to col.9 
line 5), 

As per Claim 13, the associated identifying information in the database includes out-of- 
wallet data associated with the subject (col.8 line 51 to col.9 line 5). 

As per Claim 14, presenting a predetermined question to the subject; receiving an answer 
to the question; and forming the database query responsive to the answer received (col. 16 line 
15 to line 21). 

As per Claim 15, forming a second question responsive to the response from the remote, 
third-party database; presenting the second question to the subject; and forming another 
database query responsive to the answer to the second question (col. 16 line 15 to line 21). 

Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
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will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Syed Zia whose telephone number is 571-272-3798. The 
examiner can normally be reached on 9:00 to 5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




